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EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with James Boice on 2/24/06. 

The claims have been amended as follows: 

1 . (amended) A process for accessing a non-Enterprise JavaBean (EJB) Common Object Broker 
Request Architecture (CORBA) object method on a server, said process comprising: 

receiving at the server a request from a requesting user for the non-EJB CORBA object 
method; 

redirecting said request to a shadow EJB object method of a shadow EJB object , said 
shadow EJB object method being a complementary method to the non-EJB CORBA object 
method, wherein the shadow EJB object [method] is incapable of performing any function other 
than [accessing an EJB security system in response to a request for the shadow EJB object 
method, thus] enabling [an] authorization for [a specific] the requesting user to access a non-EJB 
CORBA object that contains the non-EJB CORBA object method; [and] 

accessing an EJB security system in response to the request for the shadow EJB object 
method; 

verifying by [obtaining authorization from] the EJB security system [to access the non- 
EJB CORBA object method based on an authorization for] if the [specific] requesting user is 
authorized to access the shadow EJB object[.] method; and 

allowing the requesting user to access the non-EJB CORBA object method if the 

requesting user is authorized to access the shadow EJB object method. 



Application/Control Number: 10/068,335 Page 3 

Art Unit: 2132 

3. (amended) The process of claim 1, further comprising: 

receiving an assigned user role for a requesting user of a client computer connected to the 

server; 

storing said user role in the server; 

generating a method-role mapping table to define an authorized role to access said [non- 
EJB CORBA] shadow EJB object method; and 

comparing said assigned user role with said authorized role to determine if said 
requesting user is authorized to access said [non-EJB CORBA] shadow EJB object method. 

4. (amended) A computer system server for providing a non-Enterprise JavaBean (EJB) 
Common Object Broker Request Architecture (CORBA) object method, said computer system 
server comprising: 

means for receiving at the computer system server a request from a requesting user for 
the non-EJB CORBA object method; 

means for redirecting said request to a shadow EJB object method of a shadow EJB 
object , said shadow EJB object method being a complementary method to the non-EJB CORBA 
object method, wherein the shadow EJB object [method] is incapable of performing any function 
other than [accessing an EJB security system in response to a request for the shadow EJB object 
method, thus] enabling [an] authorization for [a specific] the requesting user to access a non-EJB 
CORBA object that contains the non-EJB CORBA object method; [and] 

means for accessing an EJB security system in response to the request for the shadow 
EJB object method; 

means for verifying by [obtaining authorization from] the EJB security system [to access 
the non-EJB CORBA object method based on an authorization for] if the [specific] requesting 
user is authorized to access the shadow EJB object[.] method; and 

means for allowing the requesting user to access the non-EJB CORBA object method if 

the requesting user is authorized to access the shadow EJB object method. 
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6. (amended) The computer system server of claim 4, further comprising: 

means for receiving a user role for a requesting user of a client computer connected to the 
computer system server; 

means for storing said user role in the computer system server; 

means for generating a method-role mapping table to define an authorized role to access 
said [non-EJB CORBA] shadow EJB object method; and 

means for comparing said user role with said authorized role to determine if said 
requesting user is authorized to access said [non-EJB CORBA] shadow EJB object method. 

7. (amended) A computer program product, residing on a [tangible] computer [usable] 
recordable medium, for accessing a non-Enterprise JavaBean (EJB) common Object Broker 
Request Architecture (CORBA) object method on a server, said computer program product 
comprising: 

program code means for receiving at a server a request from a requesting user for a non- 
EJB CORBA object method; 

program code means for redirecting said request to a shadow EJB object method of a 
shadow EJB object , said shadow EJB object [method] being a complementary method to the 
non-EJB CORBA object method, wherein the shadow EJB object method is incapable of 
performing any function other than [accessing an EJB security system in response to a request 
for the shadow EJB object method, thus] enabling an authorization for [a specific] the requesting 
user to access a non-EJB CORBA object that contains the non-EJB CORBA object method; 
[and] 

program code means for accessing an EJB security system in response to the request for 
the shadow EJB object method; 

program code means for verifying bv [obtaining authorization from] the EJB security 
system [to access the non-EJB CORBA object method based on an authorization for] if the 
[specific] requesting user is authorized to access the shadow EJB object[.] method; and 

program code means for allowing the requesting user to access the non-EJB CORBA 

object met hod if the requesting user is authorized to access the shadow EJB object method. 
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9. (amended) The computer program product of claim 7, further comprising: 

program code means for receiving an assigned user role for a requesting user of a client 

computer connected to the server; 

program code means for storing said user role in the server; 

program code means for generating a method-role mapping table to define an authorized 
role to access said [non-EJB CORBA] shadow EJB object method; and 

program code means for comparing said assigned user role with said authorized role to 

determine if said requesting user is authorized to access said [non-EJB CORBA] shadow EJB 

object method. 

2. The following is an examiner's statement of reasons for allowance. The present 
invention is directed to a method for controlling a user's access to a non-Enterprise 
JavaBean (EJB) CORBA object method using a shadow EJB object method and EJB 
security mechanism. More specifically, independent claims 1 , 4 and 7 identify the 
uniquely distinct features: the shadow EJB object method is used by the EJB security 
mechanism only to determine the user's access right to the shadow EJB object, and 
then the access right is used to indirectly determine the user's access right to the 
corresponding non-EJB CORBA object method. The closest prior art, Bodwell et al. 
(6,951 ,021 ), also discloses using a shadow EJB object method to control access to a 
non-EJB CORBA object method; however, Petersen's shadow EJB object method 
performs the security checking itself. The prior art, taken either singly or in combination, 
fails to anticipate or fairly suggest the limitations of applicant's independent claim, in 
such a manner that a rejection under 35 U.S.C 102 or 103 would be proper. The 
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claimed invention is therefore considered to be in condition for allowance as being novel 
and nonobvious over prior art. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dinh whose telephone number is 571-272-3802. 
The examiner can normally be reached on Mon-Fri: 1 0:00am-6:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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